← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-923

CAT III (Low)

The system must be checked for extraneous device files at least weekly.

Rule ID

SV-45176r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000318

Discussion

If an unauthorized device is allowed to exist on the system, there is the possibility the system may perform unauthorized operations.

Check Content

Check the system for an automated job, or check with the SA, to determine if the system is checked for extraneous device files on a weekly basis. If no automated or manual process is in place, this is a finding.

Fix Text

Establish a weekly automated or manual process to create a list of device files on the system and determine if any files have been added, moved, or deleted since the last list was generated. A list of device files can be generated with this command:
# find / -type b -o -type c > device-file-list